Implement Outlook Live Directory Sync for Live@edu

Applies to: Live@edu

Topic last modified: 2011-12-05

Important:

Outlook Live Directory Sync (OLSync) is the synchronization solution for Microsoft Live@edu customers. If you are running a cloud-based e-mail service with Microsoft Office 365 for enterprises, you must use the Microsoft Online Services Directory Synchronization tool to synchronize your directories.

UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_1stMention>), formerly known as GALSync 2010, is a directory synchronisation tool that you use to replicate and synchronise user information between your on-premises Active Directory Domain Services (AD DS) or Active Directory directory service and Outlook Live. The goal of directory synchronisation is to represent a single entity in different identity databases, and to keep the information about that entity consistent and up-to-date.

To get up and running with UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>), make sure to read the following topics:

UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) pulls user, contact, group and dynamic distribution group data from your on-premises AD DS or Active Directory and replicates and synchronises it with your Outlook Live domain.

After UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) pulls in the data, it creates, manages and deletes accounts in Outlook Live, a process called "auto-provisioning." In addition, UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) populates the shared address book in the corresponding Outlook Live domain.

When UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) runs, it completes a one-way synchronisation from your directory to the Outlook Live datacentre that Microsoft operates. UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) doesn't write information back to your directory.

What do I get with OLSync?

UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) is made up of the following components:

Synchronisation engine UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) relies on a directory synchronisation engine to manage the synchronisation of objects from your on-premises AD DS or Active Directory to the Outlook Live datacentre. The current version of UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) supports ILM 2007 FP1 only.

Management agents ILM uses management agents to establish and maintain authenticated connections to your organisation and to the Outlook Live datacentre. UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) uses two management agents: the Active Directory Management Agent (ADMA) and the UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLMA_SubsequentMention>). Together, these management agents optimise the connection of your on-premises directory to your Outlook Live domain.

Rule sets Rule sets are software templates that provide the business logic for synchronising between AD DS or Active Directory and Outlook Live. UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) includes one rule set that defines address book synchronisation and auto-provisioning. The rules for address book synchronisation push the group and user objects that you specify into the Outlook Live shared address book. The rules for auto-provisioning let you to create, update and delete users in Outlook Live by using your on-premises directory and Microsoft Exchange management tools.

To synchronise with Outlook Live, you can use the current release of UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) to import the management agents and rule sets for an AD DS or Active Directory running Microsoft Exchange Server 2003 or later versions of Microsoft Exchange on-premises. After you import the management agents and rules sets, and make some basic configurations, you can begin synchronising.

What do I need to deploy OLSync?

The following are required:

An on-premises AD DS or Active Directory The user and group objects that you want to synchronise with Outlook Live have to originate in your on-premises directory. If you're running Exchange 2003 or later versions of Microsoft Exchange, you can use the native Exchange and Active Directory user management tools to auto-provision users.

If you aren't running AD DS or Active Directory on-premises, you can use components of the UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) solution to automate address book synchronisation and provisioning as part of your own customised solution. However, a customised solution isn't supported by UNRESOLVED_TOKEN_VAL(<rte:TA_Reuse_OLSync_SubsequentMention>) and requires expertise with ILM.